JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.1.215

65.111.1.215 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.1.215

Whois 65.111.1.215

IP Abuse Reports for 65.111.1.215:

This IP address has been reported a total of 54 times from 23 distinct sources. 65.111.1.215 was first reported on June 27th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-09 03:30:55 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2026-03-17 02:00:43 (3 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -49.485 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -49.485 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Sa show less	Web App Attack Bad Web Bot
🇱🇻 garmtech.com	2026-03-09 04:44:47 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇦🇺 oncord	2026-02-28 07:25:51 (3 months ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-02-25 19:00:57 (3 months ago)	Attempted access to sensitive endpoint (/xmlrpc.php) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/xmlrpc.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇦🇺 oncord	2026-02-24 00:04:05 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-18 02:15:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:15:13.112475 2026] [security2:error] [pid 12233:tid 12233] [client 65.111.1.215:27673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rememberingemily.com"] [uri "/config/.env"] [unique_id "aZUgsT4SJ2FhGXieBpnWPgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:59:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:58:57.654548 2026] [security2:error] [pid 31467:tid 31467] [client 65.111.1.215:33549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arlan-associates.com"] [uri "/backend/.env"] [unique_id "aY0XwblLzi8kohknIvbp4wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:42 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 16:15:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:15:42.365907 2026] [security2:error] [pid 20410:tid 20410] [client 65.111.1.215:51121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antoniocobo.com"] [uri "/v2/.git/config"] [unique_id "aYtZrsyviUAV60rkOf-e6wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-10 04:43:17 (4 months ago)	Try to access /.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:12:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:11:51.809470 2026] [security2:error] [pid 25496:tid 25496] [client 65.111.1.215:48687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnairdwoodworking.com"] [uri "/dev/.git/config"] [unique_id "aYqh9yDKd_xwNdbJ1JQCiwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-02-10 03:02:02 (4 months ago)	2026-02-10 04:02:02 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:01:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:01:07.672152 2026] [security2:error] [pid 16002:tid 16002] [client 65.111.1.215:59711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswithcamerasmovie.com"] [uri "/site/.git/config"] [unique_id "aYqRY_ijx19ww7JmaAAG2QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:58:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:58:16.030498 2026] [security2:error] [pid 5899:tid 5902] [client 65.111.1.215:13413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kcscomputer.com"] [uri "/dev/.git/config"] [unique_id "aYpmiBiTYUJElKef9bxi0wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 85.217.140.37

🇨🇳 220.172.203.43

🇳🇱 195.178.110.42

🇺🇸 172.202.118.39

🇧🇷 131.161.249.165

🇧🇬 91.148.190.150

🇳🇱 45.148.10.141

🇮🇱 37.142.165.9

🇺🇸 216.239.34.223

🇹🇭 203.154.158.195

🇸🇬 194.164.107.4

🇺🇸 135.237.126.9

🇧🇬 79.124.62.230

🇸🇬 43.160.204.7

🇰🇪 197.248.8.33

🇪🇨 190.152.187.183

🇺🇸 162.216.150.203

🇺🇸 74.68.123.43

🇰🇬 212.112.118.92

🇺🇸 205.210.31.45